Protecting your firm from 2 common threats on legit Web sites

How do your prevent your staffers’ PCs and laptops from being corrupted by malware on Web sites they need to visit to do their jobs?

That’s a major problem facing organizations. Many infections are discovered on “legitimate” Web sites.

Luckily, a little knowledge can go a long way toward protecting your firm against a potentially expensive hit.

Here are two major reason why businesses get hit, as well as ways to avoid exposures:

1. Site ads are polluted. While most ads on a Web site (especially reputable sites) are legit, some are loaded with malware — particularly ads with Flash animation. To prevent this, tell employees to only click on ads from organizations that already have a business relationship with your company.
2. SQL injection attacks. It happens all the time: An employee fills out an online form for a free white paper or E-newsletter. But if there’s a weakness in the site’s coding and an e-mail adress isn’t secure, hackers can get into your company’s server — and cause all types of damage. To safeguard your company server, it may be worthwhile have people use free e-mail accounts (gmail, yahoo, hotmail, etc.) when filling out online forms.